<?
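/**
 * Static data-access helpers for the `Users` table.
 *
 * Every method obtains its own connection from getConnection(), which is
 * defined outside this file; the code treats it as a mysqli link.
 *
 * Security notes:
 *  - Identifiers are validated as integers before they reach SQL, and column
 *    values in Save() are sent as bound parameters, so no caller-supplied
 *    text is ever concatenated into a statement.
 *  - NOTE(review): Save() stores `Password` exactly as supplied. Confirm that
 *    callers pass a password_hash() digest and never a plaintext password.
 *  - NOTE(review): failures return the raw driver error text under the
 *    'Server Error' key. Confirm callers log it rather than show it to users.
 */
class Users
{
    /**
     * Fetch every row of the Users table.
     *
     * The connection is deliberately left open, as in the original code; the
     * caller receives whatever $conn->query() returns.
     *
     * @return mixed Result of $conn->query() (a result set, or false on failure).
     */
    public static function GetAll()
    {
        $conn = getConnection();
        $sql = '
            SELECT *
            FROM Users U
            ';

        return $conn->query($sql);
    }

    /**
     * Fetch a single user row by primary key.
     *
     * @param int|string $id User id; anything that is not a plain integer is rejected.
     * @return array|null Associative row, or null when the id is invalid,
     *                    the query fails, or no row matches.
     */
    public static function Get($id)
    {
        // Validate before connecting: an invalid id never reaches the database.
        $userId = self::NormalizeId($id);
        if ($userId === null) {
            return null;
        }

        $conn = getConnection();
        // $userId is a PHP int at this point, so the SQL text contains nothing
        // caller-controlled. query() is kept instead of a prepared statement
        // because get_result() needs mysqlnd and can return numeric columns as
        // PHP numbers rather than the strings existing callers receive.
        $result = $conn->query('SELECT * FROM Users WHERE id=' . $userId);
        $row = null;
        if ($result) {
            $row = $result->fetch_assoc();
        }
        $conn->close();

        return $row;
    }

    /**
     * Return an empty record for "new user" forms.
     *
     * @return array Always an empty array.
     */
    public static function Blank()
    {
        return array();
    }

    /**
     * Insert a new user, or update an existing one when $rs['id'] is set.
     *
     * Missing or null fields are stored as the empty string, matching the
     * previous quoted-literal behaviour.
     *
     * @param array $rs Record, passed by reference. After a successful insert
     *                  $rs['id'] is set to the new auto-increment id. It is
     *                  left untouched on failure, so a retry is still treated
     *                  as an insert instead of becoming an update of id 0.
     * @return array|null null on success, array('Server Error' => message) on failure.
     */
    public static function Save(&$rs)
    {
        $isUpdate = isset($rs['id']);
        $userId = null;
        if ($isUpdate) {
            // The id sits in an unquoted numeric position in the WHERE clause,
            // where string escaping gives no protection; require an integer.
            $userId = self::NormalizeId($rs['id']);
            if ($userId === null) {
                return array('Server Error' => 'Invalid user id');
            }
        }

        $firstName = self::FieldAsString($rs, 'FirstName');
        $lastName = self::FieldAsString($rs, 'LastName');
        $password = self::FieldAsString($rs, 'Password');
        $pictureUrl = self::FieldAsString($rs, 'PictureURL');
        $fbId = self::FieldAsString($rs, 'FBID');
        $lookupId = self::FieldAsString($rs, 'Lookup_id');

        $conn = getConnection();
        if ($isUpdate) {
            $sql = 'UPDATE Users SET FirstName=?, LastName=?, Password=?,'
                . ' PictureURL=?, FBID=?, Lookup_id=? WHERE id=?';
        } else {
            $sql = 'INSERT INTO Users (FirstName, LastName, Lookup_id, Password, `PictureURL`, FBID)'
                . ' VALUES (?, ?, ?, ?, ?, ?)';
        }

        $failed = false;
        $error = '';
        $newId = null;

        $stmt = $conn->prepare($sql);
        if ($stmt === false) {
            $failed = true;
            $error = $conn->error;
        } else {
            // All columns are bound as strings because the original SQL sent
            // them as quoted literals; only the id is bound as an integer.
            if ($isUpdate) {
                $stmt->bind_param(
                    'ssssssi',
                    $firstName,
                    $lastName,
                    $password,
                    $pictureUrl,
                    $fbId,
                    $lookupId,
                    $userId
                );
            } else {
                $stmt->bind_param(
                    'ssssss',
                    $firstName,
                    $lastName,
                    $lookupId,
                    $password,
                    $pictureUrl,
                    $fbId
                );
            }

            if ($stmt->execute()) {
                if (!$isUpdate) {
                    $newId = $conn->insert_id;
                }
            } else {
                $failed = true;
                $error = $stmt->error;
            }
            $stmt->close();
        }
        $conn->close();

        if ($failed) {
            return array('Server Error' => $error !== '' ? $error : 'Query failed');
        }
        if (!$isUpdate) {
            $rs['id'] = $newId;
        }

        return null;
    }

    /**
     * Delete a user row by primary key.
     *
     * @param int|string $id User id; anything that is not a plain integer is rejected.
     * @return array|null null on success, array('Server Error' => message) on failure.
     */
    public static function Delete($id)
    {
        // Reject non-integer input up front so a crafted id can never widen
        // the DELETE beyond a single row.
        $userId = self::NormalizeId($id);
        if ($userId === null) {
            return array('Server Error' => 'Invalid user id');
        }

        $conn = getConnection();
        $failed = false;
        $error = '';

        $stmt = $conn->prepare('DELETE FROM Users WHERE id=?');
        if ($stmt === false) {
            $failed = true;
            $error = $conn->error;
        } else {
            $stmt->bind_param('i', $userId);
            if (!$stmt->execute()) {
                $failed = true;
                $error = $stmt->error;
            }
            $stmt->close();
        }
        $conn->close();

        if ($failed) {
            return array('Server Error' => $error !== '' ? $error : 'Query failed');
        }

        return null;
    }

    /**
     * Validate a user record.
     *
     * No rules are implemented yet, so this always returns null.
     * NOTE(review): callers relying on this for input checks currently get none.
     *
     * @param array $rs Record to validate (currently unused).
     * @return array|null null when there are no errors, otherwise the error list.
     */
    public static function Validate($rs)
    {
        $errors = array();
        if (count($errors) == 0) {
            return null;
        }

        return $errors;
    }

    /**
     * Escape every value of a record with mysqli_real_escape_string().
     *
     * Kept for existing callers; Save() no longer uses it. Escaped values are
     * only safe inside a quoted SQL string literal. They give no protection
     * in an unquoted position such as `WHERE id=$value`.
     *
     * @param mysqli $conn Open connection (its character set drives the escaping).
     * @param array  $rs   Record whose values should be escaped.
     * @return array Copy of $rs with the same keys and escaped values.
     */
    public static function EscapeAll($conn, $rs)
    {
        $ret = array();
        foreach ($rs as $key => $value) {
            $ret[$key] = mysqli_real_escape_string($conn, $value);
        }

        return $ret;
    }

    /**
     * Turn a caller-supplied id into an int, or null when it is not one.
     *
     * Accepts PHP ints and strings made only of an optional minus sign and
     * decimal digits; everything else (SQL fragments, floats, arrays) is rejected.
     */
    private static function NormalizeId($id)
    {
        if (is_int($id)) {
            return $id;
        }
        // The D modifier stops `$` from matching before a trailing newline.
        if (is_string($id) && preg_match('/^-?[0-9]+$/D', $id)) {
            return (int) $id;
        }

        return null;
    }

    /**
     * Read one field of a record as a string, using '' when it is missing or null.
     */
    private static function FieldAsString($rs, $key)
    {
        return isset($rs[$key]) ? (string) $rs[$key] : '';
    }
}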


